CVE-2020-11130

HIGH

Qualcomm Qcm4290 Firmware - Buffer Overflow

Title source: rule

Description

u'Possible buffer overflow in WIFI hal process due to copying data without checking the buffer length' in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile in QCM4290, QCS4290, QM215, QSM8350, SA6145P, SA6155, SA6155P, SA8155, SA8155P, SC8180X, SC8180XP, SDX55, SDX55M, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6250, SM6350, SM7125, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR2130, SXR2130P

References (1)

Core 1

Core References

Vendor Advisory x_refsource_confirm

https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin

Scores

CVSS v3 7.8

EPSS 0.0005

EPSS Percentile 16.6%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-120

Status published

Products (31)

qualcomm/qcm4290_firmware

qualcomm/qcs4290_firmware

qualcomm/qm215_firmware

qualcomm/qsm8350_firmware

qualcomm/sa6145p_firmware

qualcomm/sa6155_firmware

qualcomm/sa6155p_firmware

qualcomm/sa8155_firmware

qualcomm/sa8155p_firmware

qualcomm/sc8180x_firmware

... and 21 more

Published Nov 12, 2020

Tracked Since Feb 18, 2026